56 lines
1.4 KiB
Go
56 lines
1.4 KiB
Go
package service
|
||
|
||
import (
|
||
"fmt"
|
||
"time"
|
||
|
||
"github.com/golang-jwt/jwt/v5"
|
||
)
|
||
|
||
// AuthService 是认证服务
|
||
type AuthService struct {
|
||
secret []byte
|
||
}
|
||
|
||
func NewAuthService(secret string) *AuthService {
|
||
return &AuthService{secret: []byte(secret)}
|
||
}
|
||
|
||
// Claims 是 JWT 宣告
|
||
type Claims struct {
|
||
UserID string `json:"user_id"`
|
||
Role string `json:"role"`
|
||
jwt.RegisteredClaims
|
||
}
|
||
|
||
// IssueToken 签发 JWT Token,有效期 8 小时
|
||
func (s *AuthService) IssueToken(userID, role string) (string, error) {
|
||
claims := Claims{
|
||
UserID: userID,
|
||
Role: role,
|
||
RegisteredClaims: jwt.RegisteredClaims{
|
||
ExpiresAt: jwt.NewNumericDate(time.Now().Add(8 * time.Hour)),
|
||
IssuedAt: jwt.NewNumericDate(time.Now()),
|
||
},
|
||
}
|
||
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
||
return token.SignedString(s.secret)
|
||
}
|
||
|
||
// ParseToken 验证并解析 Token
|
||
func (s *AuthService) ParseToken(tokenStr string) (*Claims, error) {
|
||
token, err := jwt.ParseWithClaims(tokenStr, &Claims{}, func(token *jwt.Token) (any, error) {
|
||
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
|
||
return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
|
||
}
|
||
return s.secret, nil
|
||
})
|
||
if err != nil {
|
||
return nil, fmt.Errorf("parse token: %w", err)
|
||
}
|
||
if claims, ok := token.Claims.(*Claims); ok && token.Valid {
|
||
return claims, nil
|
||
}
|
||
return nil, fmt.Errorf("invalid token")
|
||
}
|